Security News

Heap Models for Exploit Systems (Reddit)
2015-05-24 16:11

Researcher who exploits bug in Starbucks gift cards gets rebuke, not love (ArsTechnica)
2015-05-24 15:11

US clamps down on zero-day exploits, says sales should require an export license (ZDNet)
2015-05-21 12:11

Malvertising Leads to Magnitude Exploit Kit, Ransomware Infection (Threatpost)
2015-05-19 16:38

Researchers from ZScaler have uncovered a new scheme where criminals are using malversting to redirect to pages hosting the Magnitude exploit kit and the CryptoWall ransomware.

Security firm publishes details, exploit code for Google App Engine flaws (Help Net Security)
2015-05-15 13:24

Polish firm Security Explorations has published technical details and PoC code for several security issues identified in Google App Engine (GAE) for Java. The company has found over 30 vulnerabilit...

Honeypot Catches 8,000 Attempts to Exploit Critical Elasticsearch Flaw (SecurityWeek)
2015-05-12 15:10

Angler Exploit Kit Pushing New, Unnamed Ransomware (Threatpost)
2015-05-12 14:52

The Angler exploit kit is pushing yet another new variant of the TeslaCrypt and AlphaCrypt ransomware. It is similar to Cryptolocker but remains unnamed.

Angler exploit kit using tricks to avoid referrer chain leading back to malvertisement provider (Reddit)
2015-05-11 13:10

Defend your network from APTs that exploit DNS (Help Net Security)
2015-05-11 09:00

Advanced Persistent Threats (APTs) are designed to spread, morph and hide within IT infrastructure to perpetrate a long term attack, posing a significant threat to the security of corporate data. From...

Exploit development write up for fusion level02, bypassing NX and a Metasploit module (Reddit)
2015-05-11 02:10